All logging and auditing facilities must be configured according to your local requirements. It is not where a sysadmin has right to say something. It is your local authorities who say the word. After you have your requirements it is easier to decide what should be written in a configuration file to receive the information you require on the central logging server.
If you can't analyze the received information, because you've never seen UNIX logs, you have to hire some experienced guy or can try to post example log entries if they are not tooo sensitive for your organization here and forum members will try to explain the logs to you. Although I don't want to just say "Read the manuals", the manual page has a good description of all the configuration options.
There isn't an AIX one on this site, but you can read this:- Solaris syslog. You can get too much and struggle to cope disk space, too much to filter etc. Find all posts by rbatte1. Hey, guys thank you so much for you replies, but the fact is that I have read extensively all the official manuals. Although the types and priorities of messages are defined in high-level areas, such as user-related, or for audit purposes, the problem is that I could not find a comprehensive list of the exact actions that are being logged.
I hope that makes my question more specific. Join Date: Sep There is no exact complete list, that defines which application writes into those facilities as far as I know. Though it is common sense, that a mail server will most likely write to it's own logs or write to the syslog daemon and sowith addressing the config lines for the mail facility.
Best may be to filter the log and see what is written there, usually there will some kind of source, like [kernel] in Linux or a daemon that writes there. But if nothing happens and it is not written there, I doubt you will easily find out what could write there. Some software writes there, other has it's own logs etc. Maybe IBM developers know, which parts of their software will write to which facility. Or maybe some admin here can give a hint which things are written there just by experience, but I doubt it will be an exact full list.
You can see those facilities like mail, user, daemon, The severities are just an additional filter to sort, where which type of messages should go. Last edited by zaxxon; at PM.. There is no such comprehensive list. Every application can call the functions openlog and syslog , specifying facility and priority for syslog messages they like.
You can also do the same thing from the command line: Code :. Join Date: May It might pay to understand how the syslog works: On one side you have applications this is rather losely defined, system tools might be among them , which use system calls to issue messages. Messages are grouped by "facilities" local, user, audit, Each message belongs to exactly one facility and one severity. Syslog is a daemon - syslogd - which collects all these messages.
The syslog. Notice, that the severity levels are ordered. Every rule for a certain level also affects all higher severities. Let us analyze your own example: Code :. Last edited by bakunin; at PM.. Originally Posted by bakunin. There are no logs as these are single commands which have a return code and some diagnostic messages in case something goes wrong.
You might want to write some script wrapper for them and write a log file yourself. This is not clear enough. Note that this only pertains to locally authenticated users. LDAP-, Kerberos-, You might want to read up about "LAM" "loadable authentication modules" for details.
That depends on what you want to know. You can also configure some authentication mechanisms to use the syslog facilities to write logs.
There is nothing out of the box, though, because "authentication" is a loadable, configurable and quasi-external service for AIX. Is logged in the error log.
Join Date: Oct But it depend on your system configuration. Join Date: Nov In my quick scan I missed any mention of syslog. A lot of user related activated in kept in the 'auth' log, and much of that also appears in the 'mail' log. Join Date: Mar Thank you. Daemon logs in AIX. I have to enable sftp and scp daemon logs in AIX 7.
Currently only ftp daemons are being logged. What are the steps for doing so? Also programs such as filezilla uses sftp service to log into AIX. Also needs to know what Accessing files on AIX system from Linux system. The log files are created with permissions by user ora , Red Hat.
How would I go about locating it? If it is there, it should be able to tell you where all the log files are. If it's not there, you need to find out how syslogd was run, either:. Stack Overflow for Teams — Collaborate and share knowledge with a private group. Create a free Team What is Teams? Collectives on Stack Overflow. Learn more. Asked 12 years, 6 months ago. Active 12 years, 6 months ago.
Viewed 14k times. Improve this question. Add a comment.
0コメント